- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=secondary"

- name: setup secondary arch download server
  hosts: secondary
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - "/srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml"

  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - fas_client
  - collectd/base
  - download
  - rsyncd
  - sudo
  - { role: nfs/client,
      mnt_dir: '/srv/pub/archive',
      nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub/archive' }
  - { role: nfs/client,
      mnt_dir: '/srv/pub/alt',
      nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3",
      nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub/alt' }
  - { role: nfs/client,
      mnt_dir: '/srv/pub/fedora-secondary',
      nfs_mount_opts: "rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3",
      nfs_src_dir: 'fedora_ftp/fedora.redhat.com/pub/fedora-secondary' }

  - role: apache

  - role: httpd/mod_ssl

  - role: httpd/certificate
    name: "{{wildcard_cert_name}}"
    SSLCertificateChainFile: "{{wildcard_int_file}}"

  - role: httpd/website
    name: secondary.fedoraproject.org
    cert_name: "{{wildcard_cert_name}}"
    server_aliases:
    - archive.fedoraproject.org
    - archives.fedoraproject.org
  tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"
  - import_tasks: "{{ tasks_path }}/2fa_client.yml"
  - import_tasks: "{{ tasks_path }}/motd.yml"

  - name: Install some misc packages needed for various tasks
    package: name={{ item }} state=present
    with_items:
    - createrepo
    - koji
    - python-scandir
    - python2-productmd

  - name: add create-filelist script from quick-fedora-mirror
    copy: src="{{ files }}/scripts/create-filelist" dest=/usr/local/bin/create-filelist mode=0755

  - name: add cron script to update fullfiletimelist
    copy: src="{{ files }}/scripts/update-fullfiletimelist" dest=/usr/local/bin/update-fullfiletimelist mode=0755

  - name: Update fullfiletimelist job
    cron: name="update-fullfiletimelist" hour="*" minute="55" user="root"
        job="/usr/local/bin/lock-wrapper update-fullfiletimelist '/usr/local/bin/update-fullfiletimelist -l /tmp/update-fullfiletimelist.lock -t /srv/pub alt'"
        cron_file=update-fullfiletimelist

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"
